upstream: Adapt XMSS to new logging infrastructure. With markus@, ok

djm@.

OpenBSD-Commit-ID: 9c35ec3aa0f710e4e3325187ceff4fa3791686de

diff --git a/authfd.c b/authfd.c
index 8288ef215e46d5af374dcb59bb2af36d519007e8..ae4eafb78c01c90983d4a414675d354cb5981502 100644 (file)
--- a/authfd.c
+++ b/authfd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfd.c,v 1.124 2020/06/26 05:03:36 djm Exp $ */
+/* $OpenBSD: authfd.c,v 1.125 2020/10/19 22:49:23 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -507,7 +507,7 @@ ssh_add_identity_constrained(int sock, struct sshkey *key,
                    SSH2_AGENTC_ADD_IDENTITY;
                if ((r = sshbuf_put_u8(msg, type)) != 0 ||
                    (r = sshkey_private_serialize_maxsign(key, msg, maxsign,
-                   NULL)) != 0 ||
+                   0)) != 0 ||
                    (r = sshbuf_put_cstring(msg, comment)) != 0)
                        goto out;
                break;

diff --git a/ssh-xmss.c b/ssh-xmss.c
index 07351034f074ef34bf77d370ee73e18d6518b628..7bd3a96a3bf599029aa50993dbc7a94a801aeef0 100644 (file)
--- a/ssh-xmss.c
+++ b/ssh-xmss.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-xmss.c,v 1.3 2020/10/18 11:32:02 djm Exp $*/
+/* $OpenBSD: ssh-xmss.c,v 1.4 2020/10/19 22:49:23 dtucker Exp $*/
 /*
  * Copyright (c) 2017 Stefan-Lukas Gazdag.
  * Copyright (c) 2017 Markus Friedl.
@@ -62,7 +62,7 @@ ssh_xmss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
        smlen = slen = datalen + required_siglen;
        if ((sig = malloc(slen)) == NULL)
                return SSH_ERR_ALLOC_FAIL;
-       if ((r = sshkey_xmss_get_state(key, error)) != 0)
+       if ((r = sshkey_xmss_get_state(key, 1)) != 0)
                goto out;
        if ((ret = xmss_sign(key->xmss_sk, sshkey_xmss_bds_state(key), sig, &smlen,
            data, datalen, sshkey_xmss_params(key))) != 0 || smlen <= datalen) {
@@ -90,7 +90,7 @@ ssh_xmss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
        /* success */
        r = 0;
  out:
-       if ((ret = sshkey_xmss_update_state(key, error)) != 0) {
+       if ((ret = sshkey_xmss_update_state(key, 1)) != 0) {
                /* discard signature since we cannot update the state */
                if (r == 0 && sigp != NULL && *sigp != NULL) {
                        explicit_bzero(*sigp, len);

diff --git a/sshkey-xmss.c b/sshkey-xmss.c
index 88e9ddf4de7d74a106be6c266527cfdfe8603065..c81c689634e7e85cc22458539733ab13d5a8e939 100644 (file)
--- a/sshkey-xmss.c
+++ b/sshkey-xmss.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey-xmss.c,v 1.8 2019/11/13 07:53:10 markus Exp $ */
+/* $OpenBSD: sshkey-xmss.c,v 1.9 2020/10/19 22:49:23 dtucker Exp $ */
 /*
  * Copyright (c) 2017 Markus Friedl.  All rights reserved.
  *
@@ -45,6 +45,7 @@
 #include "sshkey.h"
 #include "sshkey-xmss.h"
 #include "atomicio.h"
+#include "log.h"
 
 #include "xmss_fast.h"
 
@@ -79,7 +80,7 @@ int    sshkey_xmss_init_bds_state(struct sshkey *);
 int     sshkey_xmss_init_enc_key(struct sshkey *, const char *);
 void    sshkey_xmss_free_bds(struct sshkey *);
 int     sshkey_xmss_get_state_from_file(struct sshkey *, const char *,
-           int *, sshkey_printfn *);
+           int *, int);
 int     sshkey_xmss_encrypt_state(const struct sshkey *, struct sshbuf *,
            struct sshbuf **);
 int     sshkey_xmss_decrypt_state(const struct sshkey *, struct sshbuf *,
@@ -87,7 +88,8 @@ int    sshkey_xmss_decrypt_state(const struct sshkey *, struct sshbuf *,
 int     sshkey_xmss_serialize_enc_key(const struct sshkey *, struct sshbuf *);
 int     sshkey_xmss_deserialize_enc_key(struct sshkey *, struct sshbuf *);
 
-#define PRINT(s...) do { if (pr) pr(s); } while (0)
+#define PRINT(...) do { if (printerror) sshlog(__FILE__, __func__, __LINE__, \
+    0, SYSLOG_LEVEL_ERROR, __VA_ARGS__); } while (0)
 
 int
 sshkey_xmss_init(struct sshkey *key, const char *name)
@@ -392,7 +394,7 @@ sshkey_xmss_generate_private_key(struct sshkey *k, u_int bits)
 
 int
 sshkey_xmss_get_state_from_file(struct sshkey *k, const char *filename,
-    int *have_file, sshkey_printfn *pr)
+    int *have_file, int printerror)
 {
        struct sshbuf *b = NULL, *enc = NULL;
        int ret = SSH_ERR_SYSTEM_ERROR, r, fd = -1;
@@ -440,7 +442,7 @@ done:
 }
 
 int
-sshkey_xmss_get_state(const struct sshkey *k, sshkey_printfn *pr)
+sshkey_xmss_get_state(const struct sshkey *k, int printerror)
 {
        struct ssh_xmss_state *state = k->xmss_state;
        u_int32_t idx = 0;
@@ -493,9 +495,9 @@ sshkey_xmss_get_state(const struct sshkey *k, sshkey_printfn *pr)
        }
        /* XXX no longer const */
        if ((r = sshkey_xmss_get_state_from_file((struct sshkey *)k,
-           statefile, &have_state, pr)) != 0) {
+           statefile, &have_state, printerror)) != 0) {
                if ((r = sshkey_xmss_get_state_from_file((struct sshkey *)k,
-                   ostatefile, &have_ostate, pr)) == 0) {
+                   ostatefile, &have_ostate, printerror)) == 0) {
                        state->allow_update = 1;
                        r = sshkey_xmss_forward_state(k, 1);
                        state->idx = PEEK_U32(k->xmss_sk);
@@ -563,7 +565,7 @@ sshkey_xmss_forward_state(const struct sshkey *k, u_int32_t reserve)
 }
 
 int
-sshkey_xmss_update_state(const struct sshkey *k, sshkey_printfn *pr)
+sshkey_xmss_update_state(const struct sshkey *k, int printerror)
 {
        struct ssh_xmss_state *state = k->xmss_state;
        struct sshbuf *b = NULL, *enc = NULL;

diff --git a/sshkey-xmss.h b/sshkey-xmss.h
index b9f8ead1047fb8721a9fef5136d7bd04b3a0b230..bf52d293c3a429072c65ff841740d678e75fc1fc 100644 (file)
--- a/sshkey-xmss.h
+++ b/sshkey-xmss.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey-xmss.h,v 1.1 2018/02/23 15:58:38 markus Exp $ */
+/* $OpenBSD: sshkey-xmss.h,v 1.2 2020/10/19 22:49:23 dtucker Exp $ */
 /*
  * Copyright (c) 2017 Markus Friedl.  All rights reserved.
  *
@@ -47,10 +47,10 @@ int  sshkey_xmss_deserialize_pk_info(struct sshkey *, struct sshbuf *);
 int     sshkey_xmss_siglen(const struct sshkey *, size_t *);
 void   *sshkey_xmss_params(const struct sshkey *);
 void   *sshkey_xmss_bds_state(const struct sshkey *);
-int     sshkey_xmss_get_state(const struct sshkey *, sshkey_printfn *);
+int     sshkey_xmss_get_state(const struct sshkey *, int);
 int     sshkey_xmss_enable_maxsign(struct sshkey *, u_int32_t);
 int     sshkey_xmss_forward_state(const struct sshkey *, u_int32_t);
-int     sshkey_xmss_update_state(const struct sshkey *, sshkey_printfn *);
+int     sshkey_xmss_update_state(const struct sshkey *, int);
 u_int32_t sshkey_xmss_signatures_left(const struct sshkey *);
 
 #endif /* SSHKEY_XMSS_H */

diff --git a/sshkey.c b/sshkey.c
index ac451f1a84c2e6dc1e00020bbde808570ad5d927..938fa0d7ceec8eeb03d36202ecdb544bb95a32c2 100644 (file)
--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.111 2020/08/27 01:06:19 djm Exp $ */
+/* $OpenBSD: sshkey.c,v 1.112 2020/10/19 22:49:23 dtucker Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Alexander von Gernler.  All rights reserved.
@@ -4700,7 +4700,7 @@ sshkey_parse_pubkey_from_private_fileblob_type(struct sshbuf *blob, int type,
  */
 int
 sshkey_private_serialize_maxsign(struct sshkey *k, struct sshbuf *b,
-    u_int32_t maxsign, sshkey_printfn *pr)
+    u_int32_t maxsign, int printerror)
 {
        int r, rupdate;
 
@@ -4708,14 +4708,14 @@ sshkey_private_serialize_maxsign(struct sshkey *k, struct sshbuf *b,
            sshkey_type_plain(k->type) != KEY_XMSS)
                return sshkey_private_serialize_opt(k, b,
                    SSHKEY_SERIALIZE_DEFAULT);
-       if ((r = sshkey_xmss_get_state(k, pr)) != 0 ||
+       if ((r = sshkey_xmss_get_state(k, printerror)) != 0 ||
            (r = sshkey_private_serialize_opt(k, b,
            SSHKEY_SERIALIZE_STATE)) != 0 ||
            (r = sshkey_xmss_forward_state(k, maxsign)) != 0)
                goto out;
        r = 0;
 out:
-       if ((rupdate = sshkey_xmss_update_state(k, pr)) != 0) {
+       if ((rupdate = sshkey_xmss_update_state(k, printerror)) != 0) {
                if (r == 0)
                        r = rupdate;
        }
@@ -4754,7 +4754,7 @@ sshkey_set_filename(struct sshkey *k, const char *filename)
 #else
 int
 sshkey_private_serialize_maxsign(struct sshkey *k, struct sshbuf *b,
-    u_int32_t maxsign, sshkey_printfn *pr)
+    u_int32_t maxsign, int printerror)
 {
        return sshkey_private_serialize_opt(k, b, SSHKEY_SERIALIZE_DEFAULT);
 }

diff --git a/sshkey.h b/sshkey.h
index 2d8b6249708c6c057546bf09bce01a67968126df..6d162264b36999adfcae358e32c74cbe79da96c0 100644 (file)
--- a/sshkey.h
+++ b/sshkey.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.h,v 1.46 2020/08/27 01:06:19 djm Exp $ */
+/* $OpenBSD: sshkey.h,v 1.47 2020/10/19 22:49:23 dtucker Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -267,17 +267,12 @@ int       sshkey_parse_pubkey_from_private_fileblob_type(struct sshbuf *blob,
 int ssh_rsa_complete_crt_parameters(struct sshkey *, const BIGNUM *);
 
 /* stateful keys (e.g. XMSS) */
-#ifdef NO_ATTRIBUTE_ON_PROTOTYPE_ARGS
-typedef void sshkey_printfn(const char *, ...);
-#else
-typedef void sshkey_printfn(const char *, ...) __attribute__((format(printf, 1, 2)));
-#endif
 int     sshkey_set_filename(struct sshkey *, const char *);
 int     sshkey_enable_maxsign(struct sshkey *, u_int32_t);
 u_int32_t sshkey_signatures_left(const struct sshkey *);
-int     sshkey_forward_state(const struct sshkey *, u_int32_t, sshkey_printfn *);
-int     sshkey_private_serialize_maxsign(struct sshkey *key, struct sshbuf *buf,
-    u_int32_t maxsign, sshkey_printfn *pr);
+int     sshkey_forward_state(const struct sshkey *, u_int32_t, int);
+int     sshkey_private_serialize_maxsign(struct sshkey *key,
+    struct sshbuf *buf, u_int32_t maxsign, int);
 
 void    sshkey_sig_details_free(struct sshkey_sig_details *);